autorun

USB flash drives continue to present a serious challenge to information security, for consumers and companies alike. You will be aware of this if you read our recent article on the Win32/Pronny worm, just one example of a piece of malicious software that is “in the wild” and actively seeking to spread via USB flash

Malware activity exploiting Autorun on Windows computers has been generating quite a few calls to ESET support lines lately, reminding us that old infection techniques seldom die and USB flash drives can still be an effective means of getting malicious code onto a computer. USB drives can be used to infect computers that automatically execute

Since yesterday’s Much Ado About Facebook post in the ESET Threat Blog, we have written additional articles, received a few comments, and also received updated information on the “threat,” so it seems that now is a good time for a follow-up article. Reports continue to come in of pornographic and violent imagery on Facebook, and

Recently, a new data-stealing worm caught our attention. The reason why it stands out from many similar amateur creations is that its author is most probably Czech, as the text strings, variable and function names used by the malware suggest. The Czech text above is displayed by the worm inside a console window and translates

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer

In May it was reported that IBM handed out some USB drives that were infected. A month later I spoke at a security conference that I will not name. I gave the AV (audio/visual) technician a USB key with my presentation on it to copy to the laptop they were using for the presentations. About

I don’t really want to leave ESET, but IBM needs me. Several years ago Microsoft had a serious problem with viruses in its software. I was given the task of making it go away. It started with retail software. My job was to make sure none of the retail software Microsoft released was infected. Then

Autorun and Windows 7. Long time readers know that I think autorun was Microsoft’s longest unpatched vulnerability. For Windows 7 Microsoft has made some serious improvements, but for older versions of Windows Microsoft has ignored the obvious vulnerability and only offered the patch as an optional download instead of making it a critical update, as

Ford Motor Company has recently announced that later this year it will be producing cars with built-in WiFi capabilities. Since 2008, the first generation of this system enabled owners of certain Ford, Lincoln & Mercury vehicles to connect media players & bluetooth devices to their entertainment systems. This second generation of its so called Sync

You may have seen the news about the bot masters in Spain who were arrested. Defense Intelligence http://defintel.com/docs/Mariposa_Analysis.pdf dubbed this Mariposa botnet. It is claimed that this botnet had the power to perform much stronger attacks than what Estonia witnessed a couple of years ago. Still, this botnet is dwarfed by the largest botnet in

As our December ThreatSense report (now available at http://www.eset.com/threat-center/threat_trends/Global_Threat_Trends_December_2009.pdf) was not only the last of the year but the last of the decade, it's rather longer and more detailed than usual, including a look back at the last 12 months. I suppose we could have gone back over the whole decade, but I have to

OK, so I lied about not doing a top ten. Twice. For a paper that's going through the publication process at the moment, I revisited some of the ideas that our research team at ESET LLC came up with this time last year for a top ten things that people can do to protect themselves

ESET released its Global Threat Report for the month of September, 2009, identifying the top ten threats seen during the month by ESET's ThreatSense.Net™ cloud. You can view the report here and, as always, the complete collection is available here in the Threat Trends section of our web site. While the report identifies a number

The Register has reported that it cost Ealing Council, in London (UK) some £500,000 in lost revenue and repairs after a "virus infection" in May. According to El Reg’s John Leyden, the virus in question was Conficker-D, though because of differences in Conficker variant naming, it’s difficult to say exactly which variant that would refer to.

Microsoft has released the patches required to make autorun work with only CD and DVD drives. There is one little catch, a USB drive can be configured to look like a CD, but this patch definitely helps reduce risk. I highly recommend you install the patch so that you can connect most thumb drives, GPS

Potentially Abandoned Conficker Grows According to an article at Internetnews.com http://www.internetnews.com/security/article.php/3832846 the authors of the Conficker botnet may have abandoned it, yet it continues to grow in numbers. The growth of the botnet is troubling because it is completely preventable and because it means the infected computers are vulnerable to other threats and that these

As we do each month, ESET has released its monthly threat report. As you might expect, there were a lot of Conficker detections out there. There were also almost as many detections for autorun threats that are not Conficker. In other words, if you have disabled autorun, then you protect against a lot more than

One of my all time favorite quotes is by “"Those who cannot remember the past are condemned to repeat it." George Santayana said this in The Life of Reason or The Phases of Human Progress: Reason in Common Sense 284 (2nd ed., Charles Scribner’s Sons, New York, New York 1924 (originally published 1905 Charles Scribner’s